definition
Created: 25 Jan 2012 | 6 comments
Hi Guys,
We are using Symantec Endpoint protection 11.05.
When we insert the usb drive in to the system,it shows as a threat.
After disconnecting the usb drive, its creating exe files.
Discussion Filed Under:
Comments
RE
Check this article & block the autorun.inf its vey helpful to you.
http://www.symantec.com/business/support/index?pag...
Regards
Vicky
Suggestions
Hello,
I would suggest you to Run a Full scan on your USB drive.
Secondly, Is the SEP updated with Latest Virus Definitions?
Is the machine installed with all the Microsoft Service Packs and Security Patches?
Hope that helps!!
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | SCTS | ITIL v3
Follow me on Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helped yo
Re
Hi Mithun,
That already we done fullscan after updated the microsoft patches.
Regards
Vicky
What is the filename of that
What is the filename of that .exe ? What risk name appear?
Did SEP managed to clean/quarantine/delete it?
At which location the file created?
Collect that .exe file and
Collect that .exe file and submit to the security response team and let them analize.
https://submit.symantec.com/websubmit/gold.cgi
Regards'
Ajit Jha
Technical Consultant
STS
Questions
Hello,
Let me get it right, you say that these .exe files are created after you have Removed the USB drive and till the drive was in the Drive. It was not creating the .exe files correct?
1) Is this USB a External Drive or a USB meant for Internet Purposes?
2) Could you let us know the path where the .exe files are getting created? Could you also attach a screenshot?
3) Symantec is detecting it as which Threat?
Awaiting Reply.
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | SCTS | ITIL v3
Follow me on Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helped yo
Would you like to reply?
Login or Register to post your comment.